June 2023

36% of government IT does not have a documented disaster recovery plan 21/06/2023 at 17:27 By The experience and habits of IT departments when it comes to ransomware and data recovery were analyzed in a recent report by Arcserve.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React

React to this headline:

New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices 21/06/2023 at 16:56 By More details have emerged about the spyware implant that’s delivered to iOS devices as part of a campaign called Operation Triangulation. Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a

React to this headline:

3 in 4 people at risk of being hacked due to poor password practices 21/06/2023 at 16:20 By A new report shows that 75% of people globally don’t adhere to widely-accepted password best practices with 64% either using weak passwords or repeat variations of passwords to protect their online accounts. This article is an excerpt

React to this headline:

Digital-first economy introduces unforeseen risks for 89% of CISOs 21/06/2023 at 16:20 By A new survey shows CISOs struggle to cost justify security investments despite known security gaps, face increasing personal risks, and worry about the rapid adoption of AI. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

React to this headline:

Startup Security Tactics: Friction Surveys 21/06/2023 at 16:20 By When we do quarterly planning, my team categorizes our goals within four evergreen outcomes: Reduce the risk of information security incidents Increase trust in Vanta’s information security program Reduce the friction caused by information security controls Use security expertise to support the business In this article, I’m

React to this headline:

Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover 21/06/2023 at 16:20 By A security shortcoming in Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process could have been exploited to achieve full account takeover, researchers said. California-based identity and access management service Descope, which discovered and reported the issue in April 2023,

React to this headline:

Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor 21/06/2023 at 14:38 By Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom’s Symantec, involved a new backdoor codenamed Graphican. Some

React to this headline:

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks 21/06/2023 at 11:49 By A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023.

React to this headline:

Alert! Hackers Exploiting Critical Vulnerability in VMware’s Aria Operations Networks 21/06/2023 at 11:49 By VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product

React to this headline: